Examples with DigestAuthenticator org.apache.catalina.authenticator.DigestAuthenticator used on opensource projects

Search in sources :

Example 1 with DigestAuthenticator

use of org.apache.catalina.authenticator.DigestAuthenticator in project tomee by apache.

the class TomcatWsRegistry method createNewContext.

private static Context createNewContext(final ClassLoader classLoader, String authMethod, String transportGuarantee, final String realmName, final String name) {
    String path = name;
    if (path == null) {
        path = "/";
    }
    if (!path.startsWith("/")) {
        path = "/" + path;
    }
    final StandardContext context = new IgnoredStandardContext();
    context.setPath(path);
    context.setDocBase("");
    context.setParentClassLoader(classLoader);
    context.setDelegate(true);
    context.setName(name);
    ((TomcatWebAppBuilder) SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context);
    // Configure security
    if (authMethod != null) {
        authMethod = authMethod.toUpperCase();
    }
    if (transportGuarantee != null) {
        transportGuarantee = transportGuarantee.toUpperCase();
    }
    if (authMethod == null || "NONE".equals(authMethod)) {
    //NOPMD
    // ignore none for now as the  NonLoginAuthenticator seems to be completely hosed
    } else if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) {
        //Setup a login configuration
        final LoginConfig loginConfig = new LoginConfig();
        loginConfig.setAuthMethod(authMethod);
        loginConfig.setRealmName(realmName);
        context.setLoginConfig(loginConfig);
        //Setup a default Security Constraint
        final String securityRole = SystemInstance.get().getProperty(TOMEE_JAXWS_SECURITY_ROLE_PREFIX + name, "default");
        for (final String role : securityRole.split(",")) {
            final SecurityCollection collection = new SecurityCollection();
            collection.addMethod("GET");
            collection.addMethod("POST");
            collection.addPattern("/*");
            collection.setName(role);
            final SecurityConstraint sc = new SecurityConstraint();
            sc.addAuthRole("*");
            sc.addCollection(collection);
            sc.setAuthConstraint(true);
            sc.setUserConstraint(transportGuarantee);
            context.addConstraint(sc);
            context.addSecurityRole(role);
        }
        //Set the proper authenticator
        if ("BASIC".equals(authMethod)) {
            context.addValve(new BasicAuthenticator());
        } else if ("DIGEST".equals(authMethod)) {
            context.addValve(new DigestAuthenticator());
        } else if ("CLIENT-CERT".equals(authMethod)) {
            context.addValve(new SSLAuthenticator());
        } else if ("NONE".equals(authMethod)) {
            context.addValve(new NonLoginAuthenticator());
        }
        context.getPipeline().addValve(new OpenEJBValve());
    } else {
        throw new IllegalArgumentException("Invalid authMethod: " + authMethod);
    }
    return context;
}
Also used : TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) NonLoginAuthenticator(org.apache.catalina.authenticator.NonLoginAuthenticator) TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) WebAppBuilder(org.apache.openejb.assembler.classic.WebAppBuilder) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) SSLAuthenticator(org.apache.catalina.authenticator.SSLAuthenticator) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) OpenEJBValve(org.apache.tomee.catalina.OpenEJBValve) DigestAuthenticator(org.apache.catalina.authenticator.DigestAuthenticator) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) StandardContext(org.apache.catalina.core.StandardContext) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection)

Example 2 with DigestAuthenticator

use of org.apache.catalina.authenticator.DigestAuthenticator in project tomee by apache.

the class TomcatHessianRegistry method createNewContext.

private static Context createNewContext(final ClassLoader classLoader, final String rAuthMethod, final String rTransportGuarantee, final String realmName, final String name) {
    String path = name;
    if (path == null) {
        path = "/";
    }
    if (!path.startsWith("/")) {
        path = "/" + path;
    }
    final StandardContext context = new IgnoredStandardContext();
    context.setPath(path);
    context.setDocBase("");
    context.setParentClassLoader(classLoader);
    context.setDelegate(true);
    context.setName(name);
    TomcatWebAppBuilder.class.cast(SystemInstance.get().getComponent(WebAppBuilder.class)).initJ2EEInfo(context);
    // Configure security
    String authMethod = rAuthMethod;
    if (authMethod != null) {
        authMethod = authMethod.toUpperCase();
    }
    String transportGuarantee = rTransportGuarantee;
    if (transportGuarantee != null) {
        transportGuarantee = transportGuarantee.toUpperCase();
    }
    if (authMethod != null & !"NONE".equals(authMethod)) {
        if ("BASIC".equals(authMethod) || "DIGEST".equals(authMethod) || "CLIENT-CERT".equals(authMethod)) {
            //Setup a login configuration
            final LoginConfig loginConfig = new LoginConfig();
            loginConfig.setAuthMethod(authMethod);
            loginConfig.setRealmName(realmName);
            context.setLoginConfig(loginConfig);
            //Setup a default Security Constraint
            final String securityRole = SystemInstance.get().getProperty(TOMEE_HESSIAN_SECURITY_ROLE_PREFIX + name, "default");
            for (final String role : securityRole.split(",")) {
                final SecurityCollection collection = new SecurityCollection();
                collection.addMethod("GET");
                collection.addMethod("POST");
                collection.addPattern("/*");
                collection.setName(role);
                final SecurityConstraint sc = new SecurityConstraint();
                sc.addAuthRole("*");
                sc.addCollection(collection);
                sc.setAuthConstraint(true);
                sc.setUserConstraint(transportGuarantee);
                context.addConstraint(sc);
                context.addSecurityRole(role);
            }
        }
        //Set the proper authenticator
        switch(authMethod) {
            case "BASIC":
                context.addValve(new BasicAuthenticator());
                break;
            case "DIGEST":
                context.addValve(new DigestAuthenticator());
                break;
            case "CLIENT-CERT":
                context.addValve(new SSLAuthenticator());
                break;
            case "NONE":
                context.addValve(new NonLoginAuthenticator());
                break;
        }
        context.getPipeline().addValve(new OpenEJBValve());
    } else {
        throw new IllegalArgumentException("Invalid authMethod: " + authMethod);
    }
    return context;
}
Also used : TomcatWebAppBuilder(org.apache.tomee.catalina.TomcatWebAppBuilder) NonLoginAuthenticator(org.apache.catalina.authenticator.NonLoginAuthenticator) SecurityConstraint(org.apache.tomcat.util.descriptor.web.SecurityConstraint) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) SSLAuthenticator(org.apache.catalina.authenticator.SSLAuthenticator) BasicAuthenticator(org.apache.catalina.authenticator.BasicAuthenticator) OpenEJBValve(org.apache.tomee.catalina.OpenEJBValve) DigestAuthenticator(org.apache.catalina.authenticator.DigestAuthenticator) IgnoredStandardContext(org.apache.tomee.catalina.IgnoredStandardContext) StandardContext(org.apache.catalina.core.StandardContext) LoginConfig(org.apache.tomcat.util.descriptor.web.LoginConfig) SecurityCollection(org.apache.tomcat.util.descriptor.web.SecurityCollection)

Aggregations

BasicAuthenticator (org.apache.catalina.authenticator.BasicAuthenticator)2 DigestAuthenticator (org.apache.catalina.authenticator.DigestAuthenticator)2 NonLoginAuthenticator (org.apache.catalina.authenticator.NonLoginAuthenticator)2 SSLAuthenticator (org.apache.catalina.authenticator.SSLAuthenticator)2 StandardContext (org.apache.catalina.core.StandardContext)2 LoginConfig (org.apache.tomcat.util.descriptor.web.LoginConfig)2 SecurityCollection (org.apache.tomcat.util.descriptor.web.SecurityCollection)2 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)2 IgnoredStandardContext (org.apache.tomee.catalina.IgnoredStandardContext)2 OpenEJBValve (org.apache.tomee.catalina.OpenEJBValve)2 TomcatWebAppBuilder (org.apache.tomee.catalina.TomcatWebAppBuilder)2 WebAppBuilder (org.apache.openejb.assembler.classic.WebAppBuilder)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial